Information Risk Assessment

Our world-class information risk assessment ensures over 450 vulnerabilities are reviewed in interviews with strategic and tactical teams. The assessment factors in concerns raised by stakeholders, audit findings and past incidents ensuring that all security requirements are identified and prioritised according to business impact.

IT Governance and IT Risk Review

IT governance is a framework that ensures your IT infrastructure supports and enables an organisation to achieve its goals. We will perform an IT process maturity review, IT risk assessment and can assist with remediation of your IT environment.

Information Security Management System (ISMS) and ISO 27001 Certification

We have the necessary skills and experience to partner with you to scope, establish an ISMS, and take it through to a successful ISO 27001 certification. We can furthermore assist with certified lead auditor and lead implementer training for all teams.

Supplier and Third-Party Risk

We will review your current supplier management lifecycle to ensure that the applicable governance components such as NDAs, SLAs and other contracts are in line with information risk management requirements. We also perform independent third-party risk assessments.

Privacy and Protection of Personal Information Act (PoPIA) Reviews

Organisations are expected to safeguard personal information entrusted to them; ignorance is no longer accepted as an excuse. We conduct a privacy impact assessment and provide the necessary consulting services to ensure your organisation is compliant with relevant privacy and data protection requirements.

Disaster Recovery (DR)

Following an alignment process to the Business Continuity Management (BCM) strategy, we establish detailed disaster recovery plans for all key areas of the organisation. We then run simulated disaster scenario tests and help to mentor and upskill the DR Operations Team.

A proactive approach

The implementation of a proactive approach to information risk management will ensure that your business is better prepared for any internal or external attacks, leaving your company more secure and ensuring better governance. However, businesses without such an approach in place are left vulnerable, with potentially disastrous consequences. Wolfpack provides an advisory plan which enables you to be well-equipped to achieve full adherence to the ISO Standards, as well as maintaining a defendable, risk-management based security posture in the face of a constantly changing regulatory, customer, and threat environment.
Wolfpack will partner with you to build a solid, business-aligned security strategy, thereby
improving your organisation’s cyber risk management.

Information Risk Strategy and Roadmap

Our information risk framework provides the foundation upon which we architect the strategy to support business objectives and the subsequent information risk programme. The modular nature of the framework furthermore provides an agile environment to allow the organisation to continuously re-evaluate their priorities and approach as the business and threat landscape evolves.

Security Architecture and Design

A well-designed security architecture programme will ensure that all security is business-driven, risk-focused, comprehensive, modular, auditable and transparent, demonstrates compliance and provides two-way traceability of business requirements.

Human Resource (HR) Governance

We have the necessary skills and experience to partner with you to scope, establish an ISMS, and take it through to a successful ISO 27001 certification. We can furthermore assist with certified lead auditor and lead implementer training for all teams.

IT and Network Security Reviews

IT and network devices are crucial for the operation of any organisation. An IT and network review will ensure that weaknesses in configuration are identified and remediated, reducing the risk of a security incident.

Change and Release Management

IT change and release management is primarily concerned with the governance of transitioning new technology and procedural adjustments into a live operational environment, with as little risk as possible.

Business Continuity and Crisis Management

We will establish the required BCM governance components in accordance with ISO 22301. We then conduct a Business Impact Analysis (BIA) with senior management teams to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency.

Incident Management (IM)

We review your current IM, DR and BCM environment and ensure an ISO 27035 aligned incident management programme is in place to handle major privacy or cyber incidents. We provide the necessary governance documentation, detailed “battle guides” and training / simulated incident testing for the Incident Response Team (IRT).

Data Governance Framework – Classification and Handling

The data governance framework aims to provide an approach to proactively minimise the likelihood and impact of a data leak. Through a consultative approach, we help both business and IT to understand the value of their data, establish classification rules and then provide guidelines and training to communicate securely.



Awareness Programme Management

Wolfpack provides a full turnkey awareness solution that includes business needs analysis, content development and customisation, programme management, an intuitive learning management system, as well as various human vulnerability assessments conducted using our online threat platform Camo Wolf.

Professional Awareness Content

Wolfpack maintains its custom range of short professional animated videos that are both fun to watch as well as being a highly effective learning tool as they are based on realistic incidents. Each video topic comes with supporting materials such as posters, cartoons and screensavers that are branded in accordance with corporate identity guidelines to further drive the message home.

Easy Policy Communication Tool

There is often a disconnect between policy writers and their audiences. We have summarised key requirements from a typical information security policy into an easy to read, branded story booklet available in digital format that can be shared electronically or printed, which outlines expected behaviours.

Digital Simulations

Simulations are online interactive lessons where a student has to navigate their way through the course and make the correct decisions.

VIP Cyber Protection

Online protection from impersonators, physical and travel threats, credential theft, malicious links and more.

Employee Cyber Protection

Online protection from credential theft, malicious links, viruses, and abusive posts via monitoring, alerting and online training.

"Let us not look back in anger, nor forward in fear, but around in awareness." -James Thurber

Camo Wolf - Human Vulnerability Assessments

We have an online threat assessment platform that can be used to conduct realistic attack scenarios on teams within your organisation. We are able to conduct spear-phishing, bad USB, ransomware simulations, dumpster diving as well as test your physical security by gaining access to facilities. All tests are conducted in a controlled professional manner without reducing the realism of an actual attack.

Cyber Wellness

We run workshops teaching your employees how to protect themselves and their families against relevant cyber threats when using social media, mobile devices, games, etc. The workshops use a combination of interactive feedback technology and “eye-opening” demonstrations and are extremely effective at getting a “buy-in” from your users.

Grey Wolf Learning Management System (LMS)

Grey Wolf is an affordable integrated assessment and e-learning platform that can either be installed within your environment or run in the cloud. The assessment system can provide access for multiple users that are spread across departments in various geographical locations. We offer a full maintenance and Service Level Agreement (SLA) to take the hassle out of managing the system.

Threat Intelligence

National and
Industry Research

Wolfpack has conducted a number of national or sector- specific related threat research projects on topics such as cybercrime and critical information infrastructure protection. Our research is 100% vendor-neutral and is aimed at providing guidance to policy makers and strategic public and private sector stakeholders.

Alert Africa -
Community Awareness Website

One of the challenges highlighted at previous CyberCon events was the lack of a national awareness programme for South Africa. Wolfpack partnered with the British High Commission to build Alert Africa to provide a guidance on cyber threats and provide a portal to report a cybercrime in South Africa.

Wolfpack Cares -
Social Responsibility Projects

Wolfpack’s culture is one of community engagement and support and as such undertake a number of pro bono projects each year.


Our Local and International Research Initiatives



The Wolfpack Cyber Academy was created from a need to educate all levels of any type of organisation on the risks of not securing information properly as well as providing certification on the required standards and practices. The courses that we offer to the public, our clients and government departments focus on various areas of IT governance, risk, information security and cyber security. These courses vary in complexity and are tailored to suit any level of employee regardless of industry or organisation.


Specialist Government and Industry Training Programmes

We have successfully run training programmes for the banking and government sectors. Based on specific industry or country needs, we are able to structure a course tailored to your specific requirements.

Tailored Training Programmes for Companies - Executives or Operational Areas

We have successfully built and facilitated cyber training courses (ranging from 1 to 4 hours in length) for board members and executives. We then run more detailed operational courses for line management and GRC/IT teams so that the entire management team understands their roles to support the organisation.


Online Brand Reputation Management

Protection from takeover, fake spoofing, fraud/scams, counterfeit, violence, phishing and inappropriate use.

Social Media Protection

Facebook and LinkedIn auto content moderation and domain protection from takeover, violence, phishing and scams.

Cyber Incident Response

We have relationships with local and international partners to assist our clients with an incident response service thereby giving you access to a highly-experienced incident response specialist, at the time when you need it most.

Contact Us

Building 1, Pendoring Office Park 299 Pendoring Road Blackheath Northcliff 2195 Johannesburg, South Africa